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(54) Circuit and method for generating cryptographic keys 



(57) A circuit for and method of: generating a cryp- 
tographic key at a communications node. The circuit in- 
cludes: (1) communications circuitry for communicating 
a first seed during a first communications session and 
communicating a second seed during a second commu- 
nications session temporally separated from the first 



communications session and (2) processor circuitry for 
creating the cryptographic key from the first and second 
seeds, the communicating of the first and second seeds 
occurring during the temporally-separated first and sec- 
ond communications sessions, respectively, thereby to 
enhance a privacy of the cryptographic key. 
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Description 

Teciinical Field Of The Invention 

The present invention is directed, in general, to 
cryptography and. more specifically^ to a circuit and 
method for generating cryptographic keys. 

Baci<ground Of The Invention 

Preserving the privacy of information communicat- 
ed between parties continues to provide a major chal- 
lenge for today's communications systems. Some sys- 
tems encrypt information before transmission so it is un- 
readable, except to a party possessing an appropriate 
cryptographic key. Thus it is paramount to the success 
of the cryptographic system to preserve the secrecy of 
the cryptographic key. 

In general, encryption works as follows: a sending 
party encrypts information ("plaintext") with an encryp- 
tion key. transforming the plaintext into "ciphertext:" the 
sending party then transmits the cyphertext to a receiv- 
ing party. The receiving party decrypts the ciphertext 
with a corresponding decryption key, thereby transform- 
ing the encrypted information back into its original, read- 
able form. An eavesdropper wishing to intercept and de- 
crypt the cyphertext must either try to obtain the key or 
to recover the plaintext without using the key. I n a secure 
cryptosystem. the plaintext cannot be recovered from 
the ciphertext in a practical amount of time: except 
through use of the decryption key. 

Secret key cryptography is based on the sender and 
receiver of a message knowing and using the same key: 
the sender uses the secret key to encrypt the message: 
the receiver uses the same secret key to decrypt the 
message. A well-known and widely-used secret key 
cryptosystem is the Data Encryption Standard ("DES"). 

A significant challenge for cryptosystems is how to 
enable the sending and receiving parties to create, 
share and store the secret key without a potential eaves- 
dropper discovering it (so-called "key management"). 
Any third party who intercepts the key during transmis- 
sion or infiltrates a database holding the key can later 
read all messages encrypted with that key. nullifying the 
benefits of encryption. 

Public key cryptography solves the key manage- 
ment problems of secret key cryptography. In public key 
cryptography, the receiving party generates a pair of dif- 
ferent keys: the "public key" and the "private key." The 
sending party encrypts information using the receiving 
party's public key. Only the receiving party's private key 
can decrypt the information. Thus, the need for the 
sender and receiver to share secret keys is eliminated. 
Communication between the parties involves only pub- 
lic keys and cyphertext: therefore, no private key is ever 
transmitted or shared. A widely known public-key cryp- 
tosystem is the Rivest-Shamir-Aldleman ("RSA") algo- 
rithm. 



Given the inherent insecurity of wireless communi- 
cation, it has been long felt that encryption of wireless 
communications would be highly advantageous. Unfor- 
tunately, a primary disadvantage of public-key cryptog- 

5 raphy is speed: secret key cryptosystems are generally 
significantly faster. Therefore, because encryption 
speed is often a critical factor in communications sys- 
tems, it is apparent that secret key cryptosystems are 
currently most appropriate for communications sys- 

10 terns. 

It is generally considered unwise to transmit a se- 
cret key over an insecure channel, such as a wireless 
channel. Further it may be naive to assume that landline 
channels are completely secure. Therefore, in the past, 
a user desiring to activate a mobile communications 
node (such as a wireless telephone) was required to 
transport the mobile node physically to a site (usually 
that of a carrier's agent or dealer) where a human rep- 
resentative manually entered the secret key into the mo- 

20 bile node. Besides the obvious disadvantage of requir- 
ing the user to travel, this prior art method suffered from 
two additional disadvantages. First, the representative 
was required to enter a sequence of perhaps 26 digits 
into the mobile node's keypad. Although the sequence 

25 included verification digits, a keypunch error required 
complete reentry and therefore was tedious. Second, 
the representative knew the sequence and might there- 
fore be tempted to disclose the sequence to a potential 
eavesdropper. 

30 A currently-proposed procedure addresses some of 
these deficiencies. Under the procedure, secret keys 
would be transmitted to a mobile node thus: a user de- 
siring to activate the mobile node places a call to the 
carrier's agent. After verifying the user's credit and other 

35 information and after downloading required identifica- 
tion information to the mobile node, public encryption 
keys are exchanged, allowing transmission of a public- 
key (for instance. RSA) encrypted secret key to the mo- 
bile node. Once decrypted, the secret key is available 

■*o for encrypting the mobile node's transmissions. 

While this proposed procedure employs both se- 
cret- and public-key cryptography systems key man- 
agement under this procedure still suffers from several 
disadvantages. First, implementing the key exchange 

-^5 and the RSA algorithm demands significant processing 
power. Second, the cryptography system may be re- 
quired to implement multiple algorithms (e.g.. RSA. 
CAVE and ORYX) for the secure transfer of information, 
cryptography and authentication. Third. RSA imposes 

so heavy licensing royalties on their algorithm. Fourth, a 
potential eavesdropper may still steal the private key 
stored at a local site. Finally, since the encrypted mes- 
sage is within an RSA digital envelope, the procedure 
is subject to the speed deficiencies of public key cryp- 

55 tosystems. 
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Summary Of The Invention 

To address the above-discussed deficiencies of the 
prior art. a first aspect of the present invention provides 
a circuit for and method of, generating a cryptographic 
key at a communications node. The circuit includes 
communications circuitry for communicating a first seed 
during a first communications session and communicat- 
ing a second seed during a second communications 
session temporally separated from the first communica- 
tions session. The circuit further includes processor cir- 
cuitry for creating the cryptographic key from the first 
and second seeds. The communicating of the first and 
second seeds occurs during the temporally-separated 
first and second communications sessions, respective- 
ly, to enhance the privacy of the cryptographic key. 

The present invention introduces the broad concept 
communicating cryptographic key seeds in lieu of com- 
municating the key itself, either in plaintext or cypher- 
text. Cryptographic keys are independently generated 
at different communications nodes, rather than being 
generated at one node and transmitted to the other. Fur- 
ther the seeds are communicated over multiple com- 
munications sessions rather than over a single session. 
As will be shown, the seeds are highly random. 

For purposes of the present invention, "communi- 
cations node" is defined broadly to mean any equipment 
whatsoever capable of conducting communications, in- 
cluding (in the case of telecommunications) both wired 
and wireless terminals, central office equipment and 
wireless base stations and (in the case of computer net- 
works) client, peer and server systems and network 
communications resources. The present invention is 
thus fully employable in both telecommunications and 
computer systems. 

The foregoing has outlined, rather broadly, pre- 
ferred and alternative features of the present invention 
so that those skilled in the art may better understand the 
detailed description of the invention that follows. Addi- 
tional features of the invention will be described herein- 
after that form the subject of the claims of the invention. 
Those skilled in the art should appreciate that they can 
readily use the disclosed conception and specific em- 
bodiment as a basis for designing or modifying other 
structures for carrying out the same purposes of the 
present invention. Those skilled in the art should also 
realize thai such equivalent constructions do not depart 
from the spirit and scope of the invention in its broadest 
form. 

Brief Description Of The Drawings 

For a more complete understanding of the present 
invention, and the advantages thereof, reference is now 
made to the following descriptions taken In conjunction 
with the accompanying drawings, in which: 

FIGURE 1 illustrates a block diagram of first and 



second communications nodes employing an em- 
bodiment of the present invention, 
FIGURE 2 illustrates an isometric view of a compu- 
ter system operating as a communications node; 
5 FIGURE 3 illustrates a schematic block diagram of 

the CPU of FIGURE 2 incorporating an embodiment 
of the present invention. 

FIGURE 4 illustrates a flow chart of an alternative 
procedure for generating a cryptographic key in a 
10 wireless telecommunications network according to 
the principles of the present invention: and 
FIGURE 5 illustrates a wireless communications in- 
frastructure employing ah embodiment of the 
present invention. 

15 

Detailed Description 

Referring initially to FIGURE 1 , illustrated is a block 
diagram of first and second communications nodes 1 1 0. 

20 1 20 employing an embodiment of the present invention. 
The illustrated embodiment includes circuit 100 for in- 
dependently generating cryptographic keys at first and 
second communications nodes 110. 1 20. First and sec- 
ond communications nodes 110. 120 are typically posi- 

25 tioned at remote locations within a communications net- 
work (not shown). 

Circuit 100 generally comprises communications 
circuitry and processor circuitry distributed between first 
and second communications nodes 1 10. 1 20. The com- 

30 munications circuitry comprises first communications 
circuit 130 located in first communications node 110 and 
second communications circuit 140 located in second 
communications node 120. 

First communications circuit 130 transmits a first 

3S seed from first communications node 110 to second 
communications node 140 during a first communica- 
tions session. The first seed is transmitted over first 
communications channel 150. Second communications 
circuit 140 receives and stores the first seed. Second 

•*o communications circuit 140. then, transmits a second 
seed from second communications node 120 to first 
communications node 110 during a second communi- 
cations session. The second seed is transmitted over 
second communications channel 160. First communica- 

^5 tions circuit 110 receives and stores the second seed. 
The first communications session is temporally separat- 
ed from the second communications session to de- 
crease a probability of both sessions being intercepted 
by an eavesdropper Thus, in the illustrated embodi- 

so ment. separate physical or virtual channels are em- 
ployed to carry the first and second communications 
sessions. 

The processor circuitry comprises first processing 
circuitry 170 located in first communications node 110 
55 and second processing circuitry 180 located in second 
communications node 120. First and second processing 
circuitry 170. 180 independently generate cryptographic 
keys from the first and second seeds at first and second 
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communicalions nodes. 110. 120. respectively. There- 
fore, the communications and processor circuitry are 
partitioned into each of first and second communica- 
lions nodes 110, 120. 

Although the present invention is completely inde- 
pendent of the particular manner in which the crypto- 
graphic keys are generated from the first and second 
seeds the general formula by which the keys are gen- 
erated is: 

K = F(S,,S2) 

where; 

K is the cryptographic key. 

is the first seed and 
S2 is the second seed. 

Thus, it can be seen that K is a function of and 
S2. The function may be mathematical, logical or a com- 
bination of the two. 

The transmission of the first and second seeds dur- 
ing the temporally-separated first and second commu- 
nications sessions and the subsequent independent 
generation of the cryptographic keys at first and second 
communications nodes 110. 120 enhances the privacy 
of the cryptographic keys. 

Additionally, first and second processing circuitry 
170. ISO preferably independently generate verification 
data {e.g. in the form of a number). The verification data 
are transmitted between first and second communica- 
tions circuitry 130. 140 and stored. First and second 
processing circuitry 170. 1S0 verify the cryptographic 
keys at first and second communication nodes 110, 1 20 
to further enhance the security of the cryptographic 
keys. While the verification data confirms the crypto- 
graphic keys, a potential eavesdropper cannot recon- 
struct either the seeds or the cryptographic keys from 
the verification data. 

Again, although the present invention is completely 
independent of the particular manner in which the veri- 
fication data are generated from the first and second 
seeds, the general formula by which the verification data 
are generated Is: 

V=F(S,.S2) 

where; 

V is the verification data. 

is the first seed and 
S2 is the second seed. 

Thus, it can be seen that, like K. V is also a function 
of Si and 82- Given a unique and S2. unique K and 
V are preferably generated. For the verification data to 



perform their intended function, the formula employed 
to generate the cryptographic keys and verification data 
should be such that the cryptographic keys can be taken 
as identical if the verification data are identical. 

5 Turning now to FIGURE 2. illustrated an isometric 

view of computer system 200 operating as a communi- 
cations node. The computer system 200 may be a con- 
ventional personal computer ("PC"): such as an AT&T 
Globalyst 3356. model no. 1006. available from NCR. 

10 located in Dayton. Ohio. U.S.A.. for example. Alterna- 
tively, the communications node may take the form of a 
wireless terminal. 

Computer system 200 includes monitor 210. chas- 
sis 220 and keyboard 230. Alternatively, monitor 210 

'5 and keyboard 230 may be replaced by other conven- 
tional output and input devices, respectively. Chassis 
220 includes both floppy disk drive 240 and hard disk 
drive 245. Floppy disk drive 240 is employed to receive, 
read and write to external disks: hard disk drive 245 is 

20 employed for fast access storage and retrieval. Floppy 
disk drive 240 may be replaced by or combined with oth- 
er conventional structures to receive and transmit data 
and instructions. Including without limitation, tape and 
compact disc drives, telephony systems and devices 

25 (including videophone paging and facsimile technolo- 
gies), and serial and parallel ports. 

Chassis 220 is illustrated having a cut-away portion 
that includes battery 250. clock 260, central processing 
unit ("CPU") 270 and memory storage device 2B0. The 

30 processing circuitry of the present invention is embodied 
In CPU 270 and the communications circuitry of the 
present invention is embodied in CPU 270 in combina- 
tion with memory storage device 280. Although compu- 
ter system 200 Is illustrated having a single CPU 270. 

35 hard disk drive 245 and memory storage device 260. 
computer system 200 may be equipped with a plurality 
of CPUs and peripheral devices. 

It should be noted that any conventional computer 
system having at least one CPU that is suitable to func- 

•^0 lion as one of a communications node may be replaced, 
or be utilized In conjunction with, computer system 200. 
including without limitation, videophones, telephones, 
televisions, sophisticated calculators, and hand-held, 
laptop/notebook, mini, mainframe and supercomputers. 

-ts including Rl SC and parallel processing architectures, as 
well as within computer system network combinations. 
Conventional computer system architecture is more ful- 
ly discussed in Computer Organization and Architec- 
ture , by William Stallings. MacMillan Publishing Co. (3rd 

50 ed. 1993) and incorporated herein by reference. Alter- 
native computer system embodiments may be 
firmware-or hardware-based. 

Turning now to FIGURE 3. illustrated is a schematic 
block diagram off CPU 270 of FIGURE 2 incorporating 

55 an embodiment of the present Invention. CPU 270 is 
coupled to memory storage device 2S0 by data bus 31 0. 
Memory storage device 2S0 stores data and instructions 
that CPU 270 uses to execute the functions necessary 
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to operate computer system 200. Memory storage de- 
vice 250 may be any conventional memory storage de- 
vice. CPU 270 includes control unit 320. arithmetic logic 
unit ("ALU") 330 and local memory storage device 340 
(e.g. stackable cache: apluralityof registers, etc.). Con- 
trol unit 320 fetches the instructions from memory stor- 
age device 230. ALU 330. in turn, performs a plurality 
of operations, including addition and Boolean AND. nec- 
essary to carry out the instructions fetched from memory 
storage device 250. Local memory storage device 340 
provides a local high speed storage location for storing 
temporary results and control information generated 
and employed by ALU 330. Again, the processing cir- 
cuitry of the present invention is embodied in CPU 270 
and the communications circuitry of the present inven- 
tion is embodied in CPU 270 in combination with mem- 
ory storage device 260. 

Turning now to FIGURE 4. illustrated is a flow chart 
of an alternative procedure for generating a crypto- 
graphic key in a wireless telecommunications network 
according to the principles of the present invention. 
Those of ordinary skill in the art will recognize that the 
procedure may be varied to increase or decrease secu- 
rity, as a particular application may require. The proce- 
dure is. also, equally employable in other communica- 
tions networks (e.g. computer networks) to provide se- 
cure key management between clients and server sta- 
tions. 

The procedure commences at start step 400 where 
a new user of a mobile node (or "wireless terminal") en- 
deavors to activate the mobile telephone. At initialization 
step 410. the user makes a landline call from a landline 
telephone in the comfort of the home or office to a sub- 
scriber center. At this time, the mobile telephone is in 
the presence of the user but it is still inactive. After credit 
information is exchanged with the subscriber center and 
feature information is completed, the user is instructed 
to place the mobile telephone in a special mode. During 
activate mobile telephone step 420. the mobile tele- 
phone in the special mode displays a random decimal 
number A,^, ("a first seed") on a display of the mobile 
telephone. A^^, may be generated by processing circuitry 
within the mobile telephone or may be retrieved from 
factory-programmed memory within the mobile tele- 
phone. The user then speaks to the subscriber cent- 
er. In response to receiving A^^, an activation computer 
having a secure database associated therewith (and lat- 
er accessible by a base station) creates a random dec- 
imal number Aq ("a third seed"): Aq is then spoken to 
the user. The user is instructed to enter Aq into the mo- 
bile telephone and the landline communication is termi- 
nated. At this point, both the mobile telephone and the 
activation computer have two of the three required 
seeds. 

The procedure for generating the cryptographic key 
commences again when the user places his first wire- 
less call via the mobile node (at wireless call step 430). 
Once the base station receives a request to connect the 



8 

wireless call, it offers a unique challenge to the mobile 
node at unique challenge step 440. The base station 
recognizes that no cryptographic key has yet been gen- 
erated for the mobile node (preferably by consulting the 

5 secure database) and therefore creates a random dec- 
imal number RANOU ("a second seed") and communi- 
cates RANDU to the mobile node. Now that the activa- 
tion computer and the mobile node both possess all 
three seeds, the activation computer and base station 

10 independently generate (at generation step 450) a cryp- 
tographic key A-KEY and verification data AUTHU. AU- 
THU. as calculated by the mobile node, is then trans- 
mitted from the mobile node to the activation computer 
via the base station at verification decisional step 460. 

IS If the transmitted AUTHU does not match the AUTHU 
calculated by the activation computer (indicating that at 
' least one of the three seeds has been corrupted): the 
cryptographic keys are not verified and the procedure 
terminates at end step 470. However, if the transmitted 

20 AUTHU matches the AUTHU at the base station, then 
the cryptographic keys are verified. Thus, at activate key 
step 480. the A-KEY is activated and the encrypted mes- 
sage from the mobile node can be downloaded and read 
using the A-KEY. Finally, the procedure for'generating 

25 the cryptographic key terminates at end step 470. 

In this more specific embodiment, the general for- 
mula employed to derive A-KEY and AUTHU is as fol- 
lows: 

A-KEY = F(Aj^,, RANDU. Aq) 
AUTHU = F(Ap^, RANDU. Aq) 

35 

where: 

A-KEY is the cryptographic key, 
AUTHU is the verification data. 
40 A^ is the first seed. 

RANDU. is the second seed and 
Aq is the third seed. 

Again, for the authorization data to perform its func- 
-^5 tion properly, the function that derives A-KEY and AU- 
THU should be such that, if AUTHU is identical at the 
base and mobile nodes. A-KEY can be taken as identi- 
cal- 
Turning now to FIGURE 5. illustrated is wireless 
50 communications infrastructure 500 employing an em- 
bodiment of the present invention. Wireless communi- 
cations infrastructure 500 comprises a communications 
network with subscriber center/activation computer/ 
base station 510 (henceforth "base station 510") for 
55 communicating signals via wireless communications 
channels. Wireless communications infrastructure 500 
also includes secure database 512, associated with the 
activation computer of- base station 510. for containing 
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cryptographic keys. The cryptographic keys permit the 
secure bidirectional transmission of encrypted signals 
between base station 51 0 and wireless terminals or mo- 
bile nodes 530. 540. 550, 560. Wireless terminals 530, 
540. 550. 560 are coupled to base station 510 by the 
wireless communications channels encompassing first 
communication channels 502. 504. 506. 508 and sec- 
ond communication channels 503, 505. 507. .509. Each 
of wireless terminals 530. 540. 550. 560 has associated 
memory 533. 543. 553. 563. respectively, for storing the 
cryptographic key. 

Wireless communications Infrastructure 500 still 
further includes a key management system for inde- 
pendently generating cryptographic keys at base station 
510 and wireless terminals 530, 540. 550. 560. The key 
management system comprises communications cir- 
cuitry 515. 535, 545. 555. 565. associated with base sta- 
tion 510 and wireless terminals 530, 540. 550. 560. re- 
spectively, for transmitting seeds between base station 
510 and wireless terminals 530. 540. 550. 560. 

For instance, during a communications session be- 
tween base station 510 and selected wireless terminal 
530. a first and third seed are transmitted between base 
station 510 and selected wireless terminal 530 during a 
first communications session. The first seed originates 
from base station 510 and the third seed originates from 
selected wireless terminal 530. The first and third seeds 
are transmitted over first communications channels 502 
associated with selected wireless terminal 530. Com- 
munications circuitry 515. 535. further transmits a sec- 
ond seed between base station 510 and selected wire- 
less terminal 530. during a second communications ses- 
sion. The first communications session is temporally 
separated from the second communications session. 
The second seed is transmitted over second communi- 
cations channels 503 associated with selected wireless 
terminal 530. 

In the illustrated embodiment, the first and third 
seeds are each 8 to 10 digits or bits (binary) in length 
and the second seed is 24 digits in length. Of course, 
those of .skill in the art understand that the lengths may 
be varied to accommodate the level of security desired. 

The key management system still further comprises 
processor circuitry 518, 538, 548. 55S. 568. associated 
with base station 510 and wireless terminals 530. 540. 
550. 560. respectively. Processing circuitry 518. 538, 
548. 558. 568 generates the cryptographic keys and 
verifications numbers, in a mathematical function, from 
the first, second and third seeds at both base station 
510 and wireless terminals 530. 540. 550. 560. Process- 
ing circuitry 518 also stores the cryptographic key in se- 
cure database 512. Wireless terminals 530. 540. 550. 
560 then transmit the verification numbers to base sta- 
tion 510 to verify the authenticity of the cryptographic 
keys at base station 510 and wireless terminals 530. 
540. 550. 560. 

Returning to the communications session between 
base station 510 and selected wireless terminal 530. 



processing circuitry 518. 538 associated with base sta- 
tion 510 and selected wireless terminal 530. independ- 
ently generate a cryptographic key and verification 
number. The verification number Is transmitted between 

s base station 510 and selected wireless terminal 530 to 
verify the cryptographic key: the cryptographic key is 
concurrently stored in secure database 512. Once the 
cryptographic keys are verified, base station 510 and 
selected wireless terminal 530 can encrypt the encrypt- 

10 ed signals. 

Again, the transmission of the first, second and third 
seeds occurs during the temporally-separated first and 
second communications sessions, respectively, to en- 
hance a privacy of 'the cryptographic keys. Moreover. 

IS the cryptographic keys are independently generated 
and verified to enhance the security of wireless commu- 
nications infrastructure 500. 

Inclusion of the wireless communication infrastruc- 
ture of FIGURE 5 is for illustrative purposes only. The 

20 techniques for generating cryptographic keys at remote 
locations in accordance with the pi-esent invention may 
be used in conjunction with any suitably arranged com- 
munication system for receiving communication signals, 
whether wired or wireless. Exemplary communication 

25 systems include, but are not limited to. telephony sys- 
tems (including videophone and cellular technologies), 
direct television systems, processing system networks 
(Including local and wide area networks), satellite sys- 
tems, land-mobile radio systems, data storage and re- 

30 irieval systems, and the like. In particular the principles 
of the present Invention are particularly advantageous 
when used in conjunction with wireless and optical com- 
munication signals. 

Although selected embodiments of the present in- 

35 vention have been described in detail, those skilled in 
the art should understand that they can make various 
changes, substitutions and alterations herein without 
departing from the scope of the invention in its broadest 
form. 

40 

Claims 

1 . Apparatus associated with a comm unications node, 
for generating a cryptographic key at said commu- 
nications node, comprising: 

communications circuitry for communicating a 
first seed during a first communications session 
50 and communicating a second seed during a 

second communications session temporally 
separated from said first communications ses- 
sion: and 

processor circuitry for creating said crypto- 
55 graphic key from said first and second seeds. 

said communicating of. said first and second 
seeds occurring during said temporally-sepa- 
rated first and second communications ses- 



6 



BNSDOCIO: <EP_0800293A2 J_> 



4 



11 



EP 0 800 293 A2 



12 



sions. respectively, thereby to enhance a priva- 
cy of said cryptographic key. 

2. Apparatus as recited in claim 1 wherein said com- 
munications circuitry further communicates a third 
seed during said first communications session, said 
processor circuitry creating said cryptographic key 
from said first, second and third seeds. 

3. Apparatus as recited in claim 1 or claim 2 wherein 
said first seed is communicated over a first commu- 
nications channel and said second seed is commu- 
nicated over a second communications channel. 

4. Apparatus as recited in any of the preceding claims 
wherein said communications circuitry comprises: 

first communications circuitry for transmitting 
said first seed from said communications node 
to another communications node during said 
first communications session: and 
second communications circuitry for receiving 
said second seed from said other communica- 
tions node during said second communications 
session. 

5. Apparatus as recited in any of the preceding claims 
wherein said processor circuitry further generates 
verification data for verifying said cryptographic key. 

6. Apparatus as recited in any of the preceding claims 
wherein said communications circuitry communi- 
cates verification data during said second commu- 
nications session. 

1, Apparatus as recited in any of the preceding claims 
wherein said communications node is a mobile 
node of a wireless telecommunications network. 

8. Apparatus as recited in any of claims 1 to 6 wherein 
said communications node is a client station of a 
computer network. 

9. Apparatus lor independently generating crypto- 
graphic keys at first and second commu Plications 
nodes, comprising: 

communications circuitry for transmitting first 
and third seeds between said first and second 
communications nodes during a first communi- 
cations session over a first communications 
channel and transmitting a second seed be- 
tween said first and second communications 
nodes during a second communications ses- 
sion temporally separated from said first com- 
munications session and over a second com- 
munications channel separate from said first 
communications channel: and 



processor circuitry for generating verification 
data and said cryptographic keys from said first, 
second and third seeds at both said first and 
second communications nodes, said processor 
circuitry employing said verification data during 
said second communications session to verify 
said transmitting of said first, second and third 
seeds, said transmitting of said first and second 
seeds occurring during said temporally-sepa- 
rated first and second communications ses- 
sions and over said separate first and second 
communications channels, respectively, to 
thereby enhance a privacy of said cryptograph- 
ic keys. 



75 



10. Apparatus as recited in claim 9 wherein said first 
communications node is a mobile node of a wireless ' 
telecommunications network and said second com- 
munications node is a base station of said wireless 

20 telecomunicaiions network. 

11. Apparatus as recited in claim 9 wherein said first 
communications node is a client station of a com- 
puter network and said second commijnications 

2S node is a server station of said computer network. 

1 2. Apparatus as recited in any of the preceding claims 
wherein said second communications session is 
conducted over a wireless communications chan- 
ge nel. 

13. Apparatus comprising: 

a communications network having a base sta- 

55 tion for communicating signals via wireless 

communications channels-: 
a secure database, associated with said base 
station, for containing cryptographic keys, said 
cryptographic keys allowing transmission of en- 

40 crypted signals from said base station: 

a plurality of wireless terminals couplable to 
said base station via said wireless communica- 
tions channels to allow communication of sig- 
nals therebetween, each of said plurality of 

45 wireless terminals having a memory associated 

therewith for storing a cryptographic key allow- 
ing transmission of encrypted signals from said 
each of said plurality of wireless terminals to 
said base station: and 

so a key management system for independently 

generating cryptographic keys at said base sta- 
tion and a selected one of said plurality of wire- 
less terminals, comprising: 
communications circuitry, associated with said 

55 base station and said selected one of said plu- 

rality of wireless terminals, for transmitting a 
first seed between said base station and said 
selected one of said plurality of wireless termi- 
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nals during a first communications session and 
transmitting a second seed between said base 
station and said selected one of said plurality 
of wireless terminals during a second commu- 
nications session temporally separated from 
said first communications session, and 
processor circuitry, associated with said base 
station and said selected one of said plurality 
of wireless terminals, for generating said cryp- 
tographic keys from said first and second seeds 
at both said base station and said selected one 
of said plurality of wireless terminals and stor- 
ing one of said cryptographic keys in said se- 
cure database, said transmitting of said first 
and second seeds occurring during said tem- 
porally-separated first and second communica- 
tions sessions, respectively, to thereby en- 
hance a privacy of said cryptographic keys. 

14. Apparatus as recited in claim 1 3 wherein said com- 
munications circuitry further transmits a third seed 
between said base station and said selected one of 
said plurality of wireless terminals, said first seed 
originating at said selected one of said plurality of 
wireless terminals and said third seed originating at 
said base station, said processor circuitry generat- 
ing said cryptographic keys from said first, second 
and third seeds at both said base station and said 
selected one of said plurality of wireless terminals. 

1 5. Apparatus as recited in claim 1 3 or claim 1 4 wherein 
said communications circuitry uses a wired first 
communications channel for said first communica- 
tions session and a wireless second communica- 
tions channel for said second communications ses- 
sion. 

16. Apparatus as recited in any of claims 13 to 15 
wherein said communications circuitry communi- 
cates verification data between said base station 
and said selected one of said plurality of wireless 
terminals during said second communications ses- 
sion. 

17. Apparatus as recited in any of the preceding claims 
wherein said first seed is 8 to 10 digits in length and 
said second seed is 24 digits in length. 

18. A method of generating a cryptographic key at a 
communications node, comprising the steps of: 

communicating a first seed during a first com- 
munications session and communicating a sec- 
ond seed during a second communications 
session temporally separated from said first 
communications session: and 
creating said cryptographic key from said first 
and second seeds, said communicating of said 



first and second seeds occurring during said 
temporally-separated first and second commu- 
nications sessions, respectively, thereby to en- 
hance a privacy of said cryptographic key. 

5 

19. The method as recited in claim 18 further compris- 
ing the steps of: 

further communicating a third seed during said 
10 first communications session: and 

creating said cryptographic key from said first, 
second and third seeds. 

20. The method as recited in claim 18 or claim 19 
15 wherein said step of communicating comprises the 

steps of: 

communicating said first seed over a first com- 
munications channel: and 
20 communicating said second seed over a sec- 

ond communications channel. 

21. The method as recited in any of claims 18 to 20 
wherein said step of communicating comprises the 

25 steps of: 

transmitting said first seed from said communi- 
cations node to another communications node 
during said first communications session: and 
30 receiving said second seed from said other 

communications node during said second com- 
munications session. 

22. The method as recited in any of claims IS to 21 fur- 
35 ther comprising the step of further generating veri- 
fication data for verifying said cryptographic key 

23. The method as recited in any of claims 18 to 22 
wherein said step of communicating further com- 

40 prises the step of communicating verification data 
during said second communications session. 



24. 



45 



The method as recited in any of claims 18 to 23 
wherein said communications node is a mobile 
node of a wireless telecommunications network. 



50 



55 



25. The method as recited in any of claims 18 to 23 
wherein said communications node is a client sta- 
tion of a computer network. 

26. A method of independently generating cryptograph- 
ic keys at first and second communications nodes, 
comprising: 

transmitting first and third seeds between said 
first and second communications nodes during 
a first communications session over a first com- 
munications channel: 
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transmitting a second seed between said first 
and second communications nodes during a 
second communications session temporally 
separated from said first communications ses- 
sion and over a second communications chan- s 
nel separate from said first communications 
channel: and 

generating verification data and said crypto- 
graphic keys from said first, second and third 
seeds at both said first and second communi- io 
cations nodes, said verification data employed 
during said second communications session to 
verify said transmitting of said first, second and 
third seeds, said transmitting of said first and 
second seeds occurring during said temporally- '5 
separated first and second communications 
sessions and over said separate first and sec- 
ond communications channels, respectively, to 
thereby enhance a privacy of said cryptograph- 
ic keys. 20 

27. The method as recited in claim 26 wherein said first 
communications node is a mobile node of a wireless 
telecommunications network and said second com* 
munications node is a base station of said wireless 
telecommunications network. 

28. The method as recited in claim 26 wherein said first 
communications node is a client station of a com- 
puter network and said second communications 30 
node is a server station of said computer network. 

29. The method as recited in any of claims 16 to 29 

wherein said second communications session is 
conducted over a wireless communications chan- 35 
nel. 

30. The method as recited in any of claims 18 to 29 
wherein said first seed is S to 1 0 digits in length and 
said second seed is 24 digits in length. 40 
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